Does a non-zero exit code always mean the command script is wrong?

Not necessarily. Wrong working directory, missing env vars, sandbox path blocks, or the external binary returning an error are all common. Capture full stderr and the OpenClaw aggregate log, then follow the ordered checklist in this article.

Why use VNC on a remote Mac for tool failures?

Some tools trigger macOS GUI permissions, Keychain prompts, or automation allow dialogs. A pure SSH session cannot click them, so failures look like timeouts or silence. VNC lets you approve and verify Privacy settings.

2026 OpenClaw Tool Execution Failed | exit code, permissions, logs | VNC remote Mac

Once OpenClaw is installed and running, chat may still show “tool ran but output is empty,” exit code 1, “command denied by policy,” or a long hang. The issue is usually not what the model said—it is the child process, working directory, approval policy, and macOS permissions. This guide is for 2026 operators on a remote Mac over VNC who need a repeatable triage path: pain points that do not duplicate the site-wide common-errors cheat sheet; a symptom × cause matrix; seven ordered steps from openclaw doctor through Gateway and Privacy; four quotable thresholds; FAQ; and a closing that ties naturally to renting a graphical remote Mac. After reading you should know whether to read logs first, approvals first, or UI prompts first.

1. Why the generic error post is not enough

Looks like “no response”: the tool subprocess already exited but the assistant shows an empty string; without debug logs you blame the model or context—wrong direction.
exit code and stderr truncated: some clients show only the last line; remote sessions without full log level lose “path does not exist” or “Operation not permitted.”
Approvals and sandbox together: since 2026.3.x, “tool needs approval” and “directory not on allowlist” are common; multi-workspace or plugin policy stacks failures differently from a simple typo.
cwd vs launchd/shell: on a remote Mac, the daemon’s $PWD may differ from your VNC terminal, so relative-path tools fail intermittently.
SSH blind spots: prompts to allow Terminal/Finder automation or Keychain access need clicks; SSH only shows a timeout—distinct from Gateway reachability.
Division of labor with the no-reply article: if messages are fully silent and you need heartbeat/thinking/cron, read Tasks with no reply first. This page targets tool chain invoked but execution failed with observable signals.

2. Symptom buckets and decision matrix

What you see	Suspect first	First action	vs common-errors master list
Clear `exit code != 0` and stderr mentions path/permission	Command + filesystem	Re-run the same command manually in the same cwd	Master list skews install/deps; here we focus on runtime tools
`/approve` or policy denial	Plugin approval / allowlist	Check OpenClaw approvals and channel bindings in config	Links to plugin approval and browser MCP posts
Hangs until timeout, no exit	Network, GUI prompt, blocking I/O	Open VNC for hidden dialogs; lower concurrency	vs no-reply: here you usually have a tool call id
Only on remote node, local Mac OK	Env, paths, sandbox mounts	Compare `env` and `openclaw status`; data dir mount	Emphasizes remote delta, not reinstall
Started right after upgrade	Breaking defaults, tighter sandbox	Run `openclaw doctor --fix` and read release notes	Complements the v2026.4.5 upgrade article

If you are stuck on “should I reinstall,” finish the seven steps below first; most tool failures map to a single layer within 30 minutes without a full OS reinstall.

3. Seven ordered steps (remote Mac notes)

Pin version and config snapshot

Record openclaw --version, config path, and profile; on remote nodes note launchd/cron so “manual works, daemon fails” is comparable.

Run openclaw doctor

Fix red items first; if --fix is recommended, apply it then retry the tool (same as the v2026.4.5 upgrade flow).

Confirm cwd and writable paths

Search logs for the tool’s cwd; in a VNC terminal run pwd and ls to align. Relative-path tools are cwd-sensitive.

Capture full stderr and exit code

Raise log level temporarily so you see the last screen of a non-zero exit; on remote nodes save one failing session to a file for diffing.

Check approvals / plugin policy

If the tool is a plugin or external binary, confirm /approve or allowlist entries; multi-workspace setups verify channel bind points at the right directory.

Verify Gateway and console

Open the web console in a browser; confirm session and tool invocation IDs match. If only WebSocket is wrong, fix reverse proxy and ports (Gateway article)—not the tool script blindly.

VNC: Privacy and dialogs

For automation or desktop access, check System Settings → Privacy & Security for Terminal/automation; click Allow on prompts, then retry the same tool and watch exit code.

4. Quotable notes and thresholds

Note 1: Keep the full timeline for one tool invocation: user message → model chooses tool → subprocess start/end → exit code. That cuts false conclusions from partial logs.

Note 2: If stderr shows EACCES, EPERM, or sandbox wording, run the command manually in VNC as the same user. Manual success + OpenClaw failure usually means cwd or policy—not a corrupted binary.

Note 3: For timeouts, record wait time and RTT; when RTT is above your baseline (see bandwidth/latency posts), reduce parallel tool calls before widening sandbox.

Note 4: After a major upgrade, if many tools fail at once, read release notes for default policy/path migrations before chasing one broken script.

✅ Reproduced manually in the same cwd with stderr saved
✅ Approval state and plugin versions match current OpenClaw
✅ Ruled out system prompts and Privacy items under VNC

5. VNC GUI checklist (dialogs and Settings)

On a rented node, run this alongside first-run and corporate-network runbooks: ① same macOS user logged in; ② no stale security dialogs after screen lock; ③ not relying on SSH-only when a prompt exists; ④ Keychain unlock done on the VNC desktop; ⑤ Gateway bound to localhost while the browser hits another NIC—any mismatch can look like “tool failure” instead of gateway down.

6. FAQ, related posts, closing

Q: Reinstall data dir first? Only if doctor reports core file corruption; most exit-code issues are path and policy.

Q: Docker vs bare metal? Containers lack host GUI; clipboard, browser, and some macOS permissions differ—read the Docker post together with cwd + approvals here.

Related: OpenClaw common errors (10 solutions), No reply triage, public Gateway proxy, v2026.4.5 upgrade + doctor --fix, browser MCP.

Closing: pull tool-layer failures back into observable signals

Tweaking prompts in chat cannot fix subprocess permissions; without a graphical session, prompt blocking is easy to mistake for model flakiness. Treat exit code, stderr, approvals, and timeline as the triage triangle, then use a VNC-visible macOS desktop for system authorization—that is the stable combo for OpenClaw in 2026. If you do not want to own a always-on Mac but need real macOS for tools and permissions, renting a VNC remote Mac (e.g. VNCMac) makes “see, click, match logs” the default workflow. Pick a node from the home or purchase page, attach this seven-step list to your runbook, and on the next release regression-test three old failures—if you can bucket each within 15 minutes to cwd / approval / permission / gateway, the process is closed.

2026 OpenClaw Tool Execution Failures and Command Denials: From exit code Through Permissions and Logs (Remote Mac + VNC)